Microsoft technologies form the backbone of many enterprise IT infrastructures. Whether you are running Microsoft Exchange, SharePoint, SQL Server or Active Directory, chances are you rely upon these services for your mission-critical needs. Solutions Architects and IT professionals will get an overview of the common Microsoft workloads running on AWS, including approaches for server migrations, design and deployment of infrastructure services, and maintenance and monitoring of those services once they are in production.
4. Modernizing IT: Gartner’s 5 Rs
Packaged Apps, Databases, Custom Apps
• Phase out unnecessary applications
• Leave data or applications in place and extend via new platform
• Replace custom applications with modern, packaged offerings
• Move application and data to new platform without modification
• Create new applications utilizing services to speed implementation
7. Phased Migration Strategy
Cloud Assessment Phase
• Assess Costs
• Assess Architecture
• Document current inventory & workloads
• Assess Security
Proof of Concept Phase
• Learn AWS
• Build a pilot
• Build Support within the organization
Data Migration Phase
• Leverage different storage options
• Migrate
Application Migration Phase
• Lift & Shift Migration
• Hybrid Migration
Leverage the Cloud Phase
• Auto-scaling
• Automation
• Elasticity
• High Availability
Optimization Phase
• Utilization
• Monitoring
• Efficiency
• Performance
• Re-engineering
8. Phase Driven Approach to Cloud Migration
Phase: Cloud Assessment
Process:
• Financial Assessment (TCO calculation)
• Security and Compliance Assessment
• Technical Assessment (Classify application types)
• Identify the tools that can be reused and the tools that need to be built
• Migrate licensed products
• Create a plan and measure success
Benefits:
• Business case for migration (Lower TCO, faster time to market, higher flexibility & agility, scalability + elasticity)
• Identify gaps between your current traditional legacy architecture and next-generation cloud architecture
Phase: Proof of Concept
Process:
• Get your feet wet with AWS
• Build a pilot and validate the technology
• Test existing software in the cloud
Benefits:
• Build confidence with various AWS services
• Mitigate risk by validating critical pieces of your proposed architecture
Phase: Data Migration
Process:
• Understand different storage options in the AWS cloud
• Migrate fileservers to Amazon S3
• Migrate RDBMS to EC2 + EBS, or Amazon RDS
Benefits:
• Redundancy, Durable Storage, Elastic Scalable Storage
• Automated Management Backup
9. Phase Driven Approach to Cloud Migration
Phase: Application Migration
Process:
• Understanding the different instance type and performance characteristics
• Network connectivity and security controls
• Deploy instances and software
Benefits:
• Failure tolerance, optimal capacity provisioning, high availability
• Scalable compute resources
• Infrastructure automation
Phase: Leverage the Cloud
Process:
• Leverage other AWS services
• Automate elasticity and SDLC
• Harden security
• Create dashboard to manage AWS resources
• Leverage multiple availability zones
Benefits:
• Reduction in CapEx in IT
• Flexibility and agility
• Automation and improved productivity
• Higher Availability
Phase: Optimization
Process:
• Optimize usage based on demand
• Improve efficiency
• Implement advanced monitoring and telemetry
• Re-engineer your application
• Decompose your relational databases
Benefits:
• Increased utilization and transformational impact in OpEx
• Better visibility through advanced monitoring and telemetry
10. Phase Deep-Dive: Assessment & Discovery
Application/Device Mapping
A document that relates individual compute instances and infrastructure to a specific application.
Security
You will want to understand any application-specific security requirements, data protection mechanisms, authentication mechanisms and security classification efforts.
Application Architecture Diagrams
Application diagrams that show the relationships between infrastructure and software for a specific workload.
Compliance
Any compliance regulations will need to be vetted in order to meet the organization's audit requirements, such as HIPAA, PCI DSS, FedRAMP.
Integration/Dependency Mapping
A document that shows the integration points or dependencies of one application on other applications.
Criticality, RPO/RTO Objectives
What are the application-specific criticality rankings and RPO/RTO objectives? Migration efforts will need to consider application maintenance windows (Recovery Time Objectives).
Application Load Metrics
Understanding an application's load profile will help you understand the scale of the infrastructure required to support the environment.
14. First You Need a Target: The VPC
[Diagram: two Availability Zones, each with a Public Subnet and a Private Subnet (CIDR labels 10.0.0.0/24 and 10.0.2.0/24). Components labelled in each zone: NAT, RDGW, Domain Controller (DC), SQL Server (DB), App Server (APP), IIS Server (WEB). Remote Users / Admins are shown outside the VPC.]
15. The Principles of Security Don’t Change Much
• Role-Based Access Control and Least Privilege apply
• Use Security Groups to filter traffic
[Diagram: one Availability Zone with a Public Subnet and a Private Subnet (CIDR labels 10.0.0.0/24 and 10.0.1.0/24). User to WEB over TCP 80, WEB to SQL over TCP 1433. Web Security Group: accept TCP port 80 from the Internet. SQL Security Group: accept TCP port 1433 from the Web SG.]
16. Remember You Are Always Working Remote
Deploying a bastion host in each Availability Zone can provide highly available and secure remote access over the Internet
• Clients can use the Remote Desktop Protocol (RDP) over HTTPS to establish a secure, encrypted connection
• Bastion hosts can run Windows PowerShell Web Access for remote command line administration
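An added example (not from the original deck) of checking the patterns in slides 15 and 16: the SQL Server port reachable only through the Web security group, and RDP only through the bastion rather than straight from the Internet. The input mirrors the JSON shape returned by `aws ec2 describe-security-groups`; the group IDs, group names and the choice of ports to audit are assumptions made for the illustration.

```python
# Added example: audit security-group ingress rules against the two-tier
# pattern on the slides. All group IDs and names are constructed sample data.

ANYWHERE = {"0.0.0.0/0", "::/0"}
# Ports that should never be open to the Internet in this design:
# 1433 (SQL Server) and 3389 (RDP; admins come in via the RD Gateway).
INTERNAL_ONLY_PORTS = {1433: "SQL Server", 3389: "RDP"}


def covers(rule, port):
    """True if the rule's port range includes `port` (protocol -1 = all)."""
    if rule.get("IpProtocol") == "-1":
        return True
    if rule.get("IpProtocol") != "tcp":
        return False
    return rule.get("FromPort", 0) <= port <= rule.get("ToPort", 65535)


def open_to_world(rule):
    """True if any IPv4 or IPv6 source range on the rule is 'anywhere'."""
    cidrs = [r["CidrIp"] for r in rule.get("IpRanges", [])]
    cidrs += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
    return any(c in ANYWHERE for c in cidrs)


def audit(groups):
    """Return (group_id, finding) tuples for rules that break the pattern."""
    findings = []
    for g in groups:
        for rule in g.get("IpPermissions", []):
            for port, name in INTERNAL_ONLY_PORTS.items():
                if covers(rule, port) and open_to_world(rule):
                    findings.append(
                        (g["GroupId"], f"{name} ({port}) open to the Internet"))
    return findings


SAMPLE_GROUPS = [  # constructed input
    {"GroupId": "sg-web", "GroupName": "Web", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-sql", "GroupName": "SQL", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 1433, "ToPort": 1433,
         "UserIdGroupPairs": [{"GroupId": "sg-web"}]}]},
    {"GroupId": "sg-bad", "GroupName": "Misconfigured", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 1024, "ToPort": 4000,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
]

if __name__ == "__main__":
    for gid, finding in audit(SAMPLE_GROUPS):
        print(gid, finding)
```

The wide port range on the third group is the case worth noticing: it never names 1433 or 3389, yet it exposes both.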
17. SQL Server on AWS
SQL Server on Amazon EC2
• You Manage Your Infrastructure
• Advanced Deployments: WSFC + AlwaysOn Availability Groups
Amazon RDS for SQL Server
• Fully Managed by AWS
• No Administrative Intervention
• Uses SQL Server Mirroring
Many Versions and Editions of SQL Server including Express, Web, Standard and Enterprise and SQL 2005, 2008, 2012, 2014
18. Highly Available SQL Server
[Diagram: Availability Zone 1 (Private Subnet) holds the Primary Replica and Availability Zone 2 (Private Subnet) holds the Secondary Replica, both synchronous-commit, with Automatic Failover. Address labels: Primary: 10.0.2.100, WSFC: 10.0.2.101, AG Listener: 10.0.2.102; Primary: 10.0.3.100, WSFC: 10.0.3.101, AG Listener: 10.0.3.102. AG Listener: ag.awslabs.net.]
19. SQL Server WSFC: The Quorum
[Diagram: Availability Zone 1 (Private Subnet) holds the Primary Replica and Availability Zone 2 (Private Subnet) holds the Secondary Replica, both synchronous-commit, with Automatic Failover. A Witness Server is also shown.]
20. SQL Server WSFC Failover: The Witness
[Diagram labels: Availability Zone 1, Primary Replica; Availability Zone 2, Secondary Replica; Automatic Failover; Witness Server; Availability Zone 3.]
21. SQL Server HA with Read Replica
[Diagram: Availability Zone 1 (Private Subnet) holds the Primary Replica and Availability Zone 2 (Private Subnet) holds Secondary Replica 1, both synchronous-commit, with Automatic Failover. AG Listener: ag.awslabs.net. Secondary Replica 2 (Readable) is asynchronous-commit and is shown with a Reporting Application.]
22. SQL Server HA Hybrid
[Diagram labels: Availability Zone 1, Private Subnet, Primary Replica; Availability Zone 2, Private Subnet, Secondary Replica 1; AG Listener: ag.awslabs.net; Automatic Failover; Corporate Network; VPN; Secondary Replica 2 (Readable); Reporting Application; Backups; Manual Failover.]
23. SQL Server HA Hybrid – Replicating to AWS
[Diagram labels: Primary Replica; Secondary Replica 1; AG Listener: ag.awslabs.net; Automatic Failover; Corporate Network; VPN; Secondary Replica 2 (Readable); DR, Migration; Manual Failover.]
24. Migration to Amazon RDS for SQL Server
Create Database
• Use Console, CLI or API
Prepare the Source
• Disable foreign key constraints, database triggers, and automated backups
Import Logins and Data
• Query for Logins
• Generate Scripts to obtain the data
Reverse Preparations
• Re-enable the elements disabled before
26. AWS Database Migration Service
• Start your first migration in 10 minutes or less
• Keep your apps running during the migration
• Replicate within, to or from Amazon EC2 or RDS
• Move data to the same or different database engine
• Sign up for preview at aws.amazon.com/dms
27. AWS Database Migration Service
[Diagram labels: Customer Premises; Application Users; Internet; VPN; AWS; AWS Database Migration Service.]
• Start a replication instance
• Connect to source and target databases
• Select tables, schemas, or databases
Let AWS Database Migration Service create tables, load data, and keep them in sync
Switch applications over to the target at your convenience
29. Migration Tools
• A common set of tools can assist customers in migrating workloads into Amazon Web Services.
• Tools and partners change. Here is an abbreviated list of some commonly recommended tools.
Description | Tool assisted migration options
Production environment, Live Migration with minimum downtime | CloudEndure
Production environment, not so critical workloads, can sustain outage | RACEMI
Windows 2003, in-place upgrade and migration | AppZero
Database migrations, all use cases | Attunity
Non-Prod / Non-critical migrations | AWS VM Import
31. Microsoft Quick Starts
https://aws.amazon.com/quickstart/
• Web Application Proxy and Active Directory Federation Services
• Lync Server 2013
• Exchange Server 2013
• Windows PowerShell DSC
• SharePoint Server 2013
• SQL Server 2012 and 2014 with WSFC
• Remote Desktop Gateway
• Active Directory Domain Services
32. Where Can I Learn More?
• AWS Directory Services
• Microsoft Pages on AWS
• Microsoft Whitepapers on AWS
• Windows FAQ on AWS
• Microsoft License Mobility on AWS